Archive for October, 2015

MJS Article: The Compromised Devices of the Carna Botnet by Parth Shukla

October 29, 2015

Last year we talked about publishing the proceedings of past DeepSec conferences  with a collection of articles covering presentation held in Vienna. We like to introduce Parth Shukla, who presented a report of the devices compromised by the Carna Botnet. This article will showcase the latest analysis and the progress of industry collaboration on the […]

Tags: , , ,
Posted in Internet, Report, Security Comments Off on MJS Article: The Compromised Devices of the Carna Botnet by Parth Shukla

Special Screening of the Documentary “A Good American” during DeepSec 2015

October 28, 2015

Attendees of DeepSec 2015 will receive a special treat. We have been talking to Friedrich Moser, and he has agreed to show his documentary „A Good American“ on 20 November 2015 exclusively. The private screening will take place in Vienna. It starts at 2100 at the Burg Kino, known for showing „The Third Man“. „A […]

Tags: , , , , ,
Posted in Conference, Discussion, High Entropy, Security Intelligence 1 Comment »

DeepSec 2015 Keynote: Can Societies manage the SIGINT Monster?

October 27, 2015

Gathering data has become very important in the past years. Everyone is talking about intelligence of all shades, few know what it actually means and how you do it properly (we got a workshop for that, if you are interested). Information security needs to anticipate threats and adapt the defences accordingly. The same is true […]

Tags: , , , , ,
Posted in Conference, Discussion 2 Comments »

Thanks to University of Applied Sciences Upper Austria for sponsoring DeepSec 2015!

October 23, 2015

Since information security experts don’t grow on trees, we maintain close relationships to academic partners. The science in computer science has to come from somewhere. So we are very happy to welcome the University of Applied Sciences Upper Austria among the supporters of DeepSec 2015. The University of Applied Sciences Upper Austria is a national leader […]

Tags: , ,
Posted in Conference Comments Off on Thanks to University of Applied Sciences Upper Austria for sponsoring DeepSec 2015!

Thanks to CERT.at for sponsoring DeepSec 2015!

October 22, 2015

The Austrian Computer Emergency Response Team (CERT.at) is the primary contact point for IT-security in a national context. When things go wrong and point to organisations, companies, or private persons in Austria, then CERT.at can help. Their team is instrumental in informing businesses about incidents, thus helping IT staff to respond quickly to attacks. When […]

Tags: ,
Posted in Conference 5 Comments »

Thanks to UBIT Vienna for sponsoring DeepSec 2015!

October 22, 2015

The Austrian Economic Chambers are the voice of Austrian companies and support their business throughout the years. The specialist group UBIT Vienna is the professional association of business consulting, accountants and IT service provider within the Viennese Chamber of Commerce. With around 20,000 members UBIT is one of the largest Austrian trade groups. The services […]

Tags: ,
Posted in Conference 2 Comments »

DeepSec 2015 Talk: A Death in Athens: The inherent Vulnerability of “lawful Intercept” Programs, and Why all Government authorized Backdoors are very dangerous – James Bamford

October 22, 2015

Some of you might remember the „Athens Affair“. In 2005 Ericsson found backdoors in the lawful interception systems of Vodafone Greece. The software on these modules was altered to successfully wiretap phone numbers without detection. When one of the tapped phones made or received a phone call, the exchange, or switch, sent a duplication of […]

Tags: , , , , , ,
Posted in Conference, Security Intelligence Comments Off on DeepSec 2015 Talk: A Death in Athens: The inherent Vulnerability of “lawful Intercept” Programs, and Why all Government authorized Backdoors are very dangerous – James Bamford

Nikhil Mittal has two Black Hat Europe passes for his attendees

October 21, 2015

Nikhil Mittal offers two passes for Black Hat Europe, Amsterdam, Nov. 10-13 for his workshop attendees at our DeepSec in Vienna. If more than two are interested we will make a raffle or a sweepstake. Workshop: Powershell for Penetration testers Deadline is in two weeks, when we make final decisions about our workshops. So if […]

Tags: , ,
Posted in Conference, Schedule 1 Comment »

DeepSec Talk: Got RATs? Enter Barn Cat (OSint)

October 21, 2015

We are happy to have John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center) on stage to present his new Open Source Intelligence Project Barn Cat. OSINT Barn Cat: Mining Malware for Intelligence at Scale I like the name of the project: Barn cats are the best mousers and this new project is targeted to […]

Tags: , ,
Posted in Conference, Schedule 1 Comment »

DeepSec Workshops: Digitale Verteidigung – Wissen ist Macht

October 20, 2015

Wann haben Sie Ihren letzten Geschäftsbrief geschrieben? Und wann haben Sie das letzte Mal Stift und Papier dazu benutzt? Es macht nichts wenn Sie sich nicht daran erinnern können: Digitale Kommunikation ist Teil unseres Alltagslebens, nicht nur in der Geschäftswelt. Wir haben uns so sehr daran gewöhnt ständig online zu kommunizieren, das offline sein sich […]

Tags: , , , ,
Posted in Conference, Internet, Training Comments Off on DeepSec Workshops: Digitale Verteidigung – Wissen ist Macht

Thanks to Microsoft for sponsoring DeepSec 2015!

October 20, 2015

When it comes to information security, Microsoft has a lot of stories to tell. The Windows® platform is widely deployed and used all over the world. A lot of exploits exist for this system. Being well-known has it disadvantages. For all of you who have followed the Way of Disclosure, you will certainly remember that […]

Tags: ,
Posted in Conference 1 Comment »

DeepSec 2015 Talk: Agile Security – The Good, The Bad, and mostly the Ugly – Daniel Liber

October 14, 2015

Particle collisions are a rich source for insights into the inner workings of Nature. Physicists know this. The Large Hadron Collider (LHC) built by the European Organization for Nuclear Research (CERN) demonstrates this to the extreme. You can to the same in information security if you lock developers and security experts into a room. Acceleration […]

Tags: , , , , ,
Posted in Conference, Security 2 Comments »

Defence – Beating the Odds with Knowledge

October 13, 2015

When did you write your last business letter? You probably don’t recall, because you write one all of the time. When did you last use ink and paper to do this? If you can’t remember the answer to this question, don’t bother trying. Digital communication is part of our daily life, not only in the […]

Tags: , , , ,
Posted in Conference, Discussion, Mission Statement, Training 1 Comment »

DeepSec 2015 Talk: DDoS – Barbarians at the Gate(way) – Dave Lewis

October 9, 2015

There really is strength in numbers. It’s true for Big Data, high performance computing, cryptography, social media, and flooding the Internet with packets. The latter has been the method of choice for activists, „cyber“ warriors and criminals alike. Network interdiction (as military minds may call it) or Distributed Denial of Service (DDoS) attacks can be […]

Tags: , , , , ,
Posted in Conference, Internet, Security Comments Off on DeepSec 2015 Talk: DDoS – Barbarians at the Gate(way) – Dave Lewis

Digital Naval Warfare – European Safe Harbor Decree has been invalidated

October 8, 2015

The global cargo traffic on the Internet needs to revise its routes. The Court of Justice of the European Union has declared the so-called „Safe Harbor“ agreement between the European Commission (EC) and US-American companies as invalid. The agreement was a workaround to export the EU Directive 95/46/EC on the protection of personal data to […]

Tags: , , ,
Posted in Discussion, High Entropy, Internet, Legal Comments Off on Digital Naval Warfare – European Safe Harbor Decree has been invalidated